diff options
| author | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-08-26 09:02:38 +0300 |
|---|---|---|
| committer | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-11-03 02:44:08 +0300 |
| commit | a3bf20e9a6fb8da3622ef4f610fcc98c16a55ab7 (patch) | |
| tree | 076da37faa2029a58a3c6ce52920f1a0689335bd /.gitlab | |
| parent | 2b5f9c3202c73306a6d7bafb58b7570b7dfec87d (diff) | |
ci: refactor ci jobs
Diffstat (limited to '.gitlab')
| -rw-r--r-- | .gitlab/ci/prepare.yml | 28 | ||||
| -rw-r--r-- | .gitlab/ci/test.yml | 37 |
2 files changed, 20 insertions, 45 deletions
diff --git a/.gitlab/ci/prepare.yml b/.gitlab/ci/prepare.yml index 89a861e5..8313295d 100644 --- a/.gitlab/ci/prepare.yml +++ b/.gitlab/ci/prepare.yml @@ -1,15 +1,16 @@ -# TODO: use versioned templates https://gitlab.com/gitlab-org/gitlab-pages/-/issues/456 include: - template: Security/License-Scanning.gitlab-ci.yml - template: Security/SAST.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/Secret-Detection.gitlab-ci.yml +variables: + SAST_EXCLUDED_ANALYZERS: "eslint" + # workflow rules are not extended by scanner jobs, need to override them manually # TODO: remove when https://gitlab.com/gitlab-org/gitlab/-/issues/218444 is done .rules-for-scanners: &rules-for-scanners - stage: prepare rules: # For merge requests, create a pipeline. - if: '$CI_MERGE_REQUEST_IID' @@ -27,15 +28,16 @@ license_scanning: gemnasium-dependency_scanning: <<: *rules-for-scanners +gosec-sast: + <<: *rules-for-scanners + gemnasium-tools-dependency_scanning: - stage: prepare image: name: "$SECURE_ANALYZERS_PREFIX/gemnasium:$DS_MAJOR_VERSION" script: - /analyzer run --target-dir ./tools gemnasium-tools-license_scanning: - stage: prepare image: name: "$SECURE_ANALYZERS_PREFIX/license-finder:$LICENSE_MANAGEMENT_VERSION" entrypoint: [""] @@ -43,25 +45,7 @@ gemnasium-tools-license_scanning: - CI_PROJECT_DIR=$(pwd)/tools /run.sh analyze . secret_detection: - stage: prepare rules: # For merge requests, create a pipeline. - if: '$CI_MERGE_REQUEST_IID' -gosec-sast: - <<: *rules-for-scanners - -# disable eslint-sast since html files are fixtures for testing -eslint-sast: - rules: - - when: never - -download deps: - extends: .go-mod-cache - stage: prepare - script: - - make deps-download - artifacts: - paths: - - go.mod - - go.sum diff --git a/.gitlab/ci/test.yml b/.gitlab/ci/test.yml index e778214f..524678c6 100644 --- a/.gitlab/ci/test.yml +++ b/.gitlab/ci/test.yml @@ -1,50 +1,39 @@ .tests-common: - extends: .go-mod-cache - stage: test + extends: .common needs: ['download deps'] artifacts: reports: junit: junit-test-report.xml -.tests-unit: +.tests-matrix: extends: .tests-common + image: golang:${GO_VERSION} + parallel: + matrix: + - GO_VERSION: ["1.16", "1.17"] + +tests: + extends: .tests-matrix script: - echo "Running all unit tests..." - make test ARGS='-short' -.tests-acceptance: - extends: .tests-common +tests-acceptance: + extends: .tests-matrix script: - echo "Running just the acceptance tests...." - make acceptance -test:1.16: - extends: .tests-unit - image: golang:1.16 - -test-acceptance:1.16: - extends: .tests-acceptance - image: golang:1.16 - -test:1.17: - extends: .tests-unit - image: golang:1.17 - -test-acceptance:1.17: - extends: .tests-acceptance - image: golang:1.17 - race: extends: .tests-common script: - echo "Running race detector" - - make setup - make race cover: extends: .tests-common script: - - make generate-mocks + - echo "Running coverage testing" - make cover coverage: '/total:.+\(statements\).+\d+\.\d+/' artifacts: @@ -69,5 +58,7 @@ code_quality: check deps: extends: .tests-common + before_script: + - echo skipping script: - make deps-check |